Example Using Environment Variables

[munsayac13]

Hello,

Is there an example on how to utilize kamus decryption mechanism using environment variable in deployment.yaml file?

For example: apiVersion: v1 kind: ConfigMap metadata: name: notifier namespace: default data:

Kamus encrypted value

ACCOUNT_SID: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx AUTH_TOKEN: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

I would like to get it decrypt in my deployment file. Does the deployment file requires kamus decryptor in my app pod? When I do this, I get the npm install error. I dont know how to approach. Please advise thanks.

apiVersion: apps/v1 kind: Deployment metadata: ... ... ... spec: serviceAccountName: kamus-example-sa automountServiceAccountToken: true initContainers:

• name: "kamus-init" image: "ghcr.io/soluto/kamus-init-container:latest" imagePullPolicy: IfNotPresent env:
  • name: KAMUS_URL value: http://kamus-decryptor.default.svc.cluster.local/ volumeMounts:
    • name: encrypted-secrets mountPath: /encrypted-secrets
    • name: decrypted-secrets mountPath: /decrypted-secrets args: ["-e","/encrypted-secrets","-d","/decrypted-secrets", "-n", "config.json"] containers:
• name: app image: soluto/kamus-example-app imagePullPolicy: IfNotPresent volumeMounts:
  • name: decrypted-secrets mountPath: /secrets
• name: MYAPP image: MYAPP_IMAGE:latest resources: limits: cpu: 500m requests: cpu: 100m volumes:
• name: encrypted-secrets configMap: name: encrypted-secrets-cm
• name: decrypted-secrets emptyDir: medium: Memory